Google Chrome prior 48.0.2564.109 Brotli dec/decode.c ProcessCommandsInternal buffer overflow

Systems Affected

Threat Level

Overview

A vulnerability, which was classified as critical, has been found in Google Chrome. Affected by this issue is the function ProcessCommandsInternal of the file dec/decode.c of the component Brotli. The manipulation with an unknown input leads to a buffer overflow vulnerability. Impacted is confidentiality, integrity, and availability.

Description

The weakness was presented 02/14/2016. This vulnerability is handled as CVE-2016-1624. The attack may be launched remotely. No form of authentication is required for exploitation. There are known technical details, but no exploit is available.

Impact

Solution/ Workarounds

Upgrading to version 48.0.2564.109 eliminates this vulnerability

References

http://www.scip.ch/en/?vuldb.80948

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.